Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/uA2MW7ONn9mqXbuyBkq13s4pKhs.roa
File: uA2MW7ONn9mqXbuyBkq13s4pKhs.roa (raw, json)
Hash identifier: aaiQYV2JfDtd4QAEYRu6/1LKeY+9XmqsXoeMEcYlz4w=
Subject key identifier: B8:0D:8C:5B:B3:8D:9F:D9:AA:5D:BB:B2:06:4A:B5:DE:CE:29:2A:1B
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018EB03B87590765E13C7791B15452A74D2C
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/uA2MW7ONn9mqXbuyBkq13s4pKhs.roa
Signing time: Fri 05 Apr 2024 21:47:54 +0000
ROA not before: Fri 05 Apr 2024 21:47:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211063
IP address blocks: 2a0e:97c0:480::/44 maxlen: 48
2a0e:b104:100::/44 maxlen: 48
2a10:2f00:172::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 09:38:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:b0:3b:87:59:07:65:e1:3c:77:91:b1:54:52:a7:4d:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Apr 5 21:47:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b80d8c5bb38d9fd9aa5dbbb2064ab5dece292a1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:e9:1b:7c:52:bd:c0:fa:3f:a2:45:4d:dd:98:
21:bd:06:7b:3e:40:17:25:0c:7c:08:95:93:38:df:
e9:09:96:b6:83:e7:14:89:45:1b:e1:87:ad:14:db:
49:21:15:2f:1f:1c:56:db:bd:fa:49:d4:ed:c8:26:
04:7d:a8:ef:60:dd:ab:5f:c3:91:9a:45:14:39:e2:
44:b9:de:ca:6b:5e:ef:f2:a4:da:25:f1:35:43:9d:
52:ad:1c:fc:39:ed:e7:a0:20:54:08:de:49:6e:34:
a2:d1:43:96:88:37:a6:fb:b4:2d:c4:53:b4:02:39:
54:17:7f:d9:5a:0a:da:d1:3c:48:f0:a6:b3:06:a6:
9c:fb:6d:17:29:32:8f:ef:45:d7:5b:8a:68:78:53:
d2:ed:94:4b:33:df:ed:1f:a9:20:4a:6e:b4:0b:75:
09:2d:8b:27:d7:b8:6d:59:2d:7e:21:c3:8b:1d:0f:
06:70:4b:22:5d:bd:c5:c7:e0:59:aa:43:0b:b1:40:
6e:48:ac:b0:ed:b8:dd:96:67:56:f3:66:c6:78:ed:
b7:c5:55:ae:1e:a9:3a:dc:aa:7e:55:46:c5:63:6d:
19:59:e6:ab:a2:2f:d3:96:84:4e:f3:a7:42:d1:5c:
da:22:bd:48:0d:5e:5f:8a:a2:04:27:a1:cd:33:e1:
2c:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:0D:8C:5B:B3:8D:9F:D9:AA:5D:BB:B2:06:4A:B5:DE:CE:29:2A:1B
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/uA2MW7ONn9mqXbuyBkq13s4pKhs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:480::/44
2a0e:b104:100::/44
2a10:2f00:172::/48
Signature Algorithm: sha256WithRSAEncryption
7a:0a:e5:f1:40:96:a8:e1:18:ed:db:9f:53:67:c5:11:7d:9b:
47:71:b9:41:e1:40:d8:e5:4d:28:dc:96:6f:f3:e6:27:18:70:
c4:04:7f:30:d9:a2:03:ec:7c:4c:e9:fa:3a:3d:32:ea:a2:13:
5e:81:14:02:04:66:aa:3c:3f:a6:a1:51:a4:ba:ec:3c:13:71:
8b:c9:43:cc:5d:0c:65:72:d7:37:2e:04:f3:d9:ab:21:83:29:
a3:b4:a8:e7:dc:c4:b0:75:7d:a7:af:bb:8f:31:b9:a6:70:35:
93:00:95:d1:95:42:71:98:36:94:95:80:7a:cf:da:b2:5f:3f:
67:5f:72:68:6a:46:18:0a:7f:b1:c7:97:6a:3f:ba:2f:b3:67:
3d:aa:56:99:bf:ab:2a:97:d0:9b:87:ce:ad:4d:fd:55:8f:6c:
0a:86:e7:fb:6a:ac:dc:d3:55:82:a7:29:bd:43:d0:fc:f3:03:
62:4b:c7:c5:b0:5b:85:3b:64:48:2c:34:86:5b:d0:e1:1f:56:
d0:c2:b6:72:c4:7f:bd:ef:28:cb:61:2f:53:d6:40:22:ac:24:
37:c7:8d:7e:fb:aa:2c:98:51:3e:3a:2b:b9:48:af:13:b5:56:
7f:1b:68:58:6e:64:31:80:80:cb:02:fc:95:e5:aa:da:73:c1:
2c:da:91:31
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY6wO4dZB2XhPHeRsVRSp00sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwNDA1MjE0NzU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODBkOGM1YmIzOGQ5ZmQ5YWE1ZGJiYjIwNjRhYjVkZWNlMjkyYTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtekbfFK9wPo/okVN3ZghvQZ7PkAX
JQx8CJWTON/pCZa2g+cUiUUb4YetFNtJIRUvHxxW2736SdTtyCYEfajvYN2rX8OR
mkUUOeJEud7Ka17v8qTaJfE1Q51SrRz8Oe3noCBUCN5JbjSi0UOWiDem+7QtxFO0
AjlUF3/ZWgra0TxI8KazBqac+20XKTKP70XXW4poeFPS7ZRLM9/tH6kgSm60C3UJ
LYsn17htWS1+IcOLHQ8GcEsiXb3Fx+BZqkMLsUBuSKyw7bjdlmdW82bGeO23xVWu
Hqk63Kp+VUbFY20ZWearoi/TloRO86dC0VzaIr1IDV5fiqIEJ6HNM+EshwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLgNjFuzjZ/Zql27sgZKtd7OKSobMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvdUEyTVc3T05uOW1xWGJ1eUJrcTEzczRwS2hzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcEKg6XwASA
AwcEKg6xBAEAAwcAKhAvAAFyMA0GCSqGSIb3DQEBCwUAA4IBAQB6CuXxQJao4Rjt
259TZ8URfZtHcblB4UDY5U0o3JZv8+YnGHDEBH8w2aID7HxM6fo6PTLqohNegRQC
BGaqPD+moVGkuuw8E3GLyUPMXQxlctc3LgTz2ashgymjtKjn3MSwdX2nr7uPMbmm
cDWTAJXRlUJxmDaUlYB6z9qyXz9nX3JoakYYCn+xx5dqP7ovs2c9qlaZv6sql9Cb
h86tTf1Vj2wKhuf7aqzc01WCpym9Q9D88wNiS8fFsFuFO2RILDSGW9DhH1bQwrZy
xH+97yjLYS9T1kAirCQ3x41++6osmFE+Oiu5SK8TtVZ/G2hYbmQxgIDLAvyV5ara
c8Es2pEx
-----END CERTIFICATE-----
Generated at Fri May 3 13:17:53 2024 by rpki-client on console-ams.rpki-client.org